Security News > 2021 > January > SolarWinds hackers had access to over 3,000 US DOJ email accounts
The US Department of Justice said that the attackers behind the SolarWinds supply chain attack have gained access to roughly 3% of the department's Office 365 email inboxes.
The Justice Department currently employs over 115,000 people [1, 2] which translates to around 3450 potentially breached mailboxes.
DoJ's Office of the Chief Information Officer detected malicious activity on December 24th, 2020, related to the SolarWinds hack that impacted several federal agencies and technology contractors.
"This activity involved access to the Department's Microsoft O365 email environment," DoJ Spokesman Marc Raimondi said in a statement published earlier today.
The OCIO blocked the method used by the attackers to gain access to the DOJ Office 365 email accounts after learning of this malicious activity.
This statement confirms a Microsoft report saying that the end goal of the SolarWinds supply chain compromise was to provide the attackers with access to the targets' cloud assets after deploying the Sunburst/Solorigate backdoor on their local networks.
News URL
Related news
- US says Chinese hackers breached multiple telecom providers (source)
- US indicts Snowflake hackers who extorted $2.5 million from 3 victims (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Hacker gets 10 years in prison for extorting US healthcare provider (source)
- Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack' (source)
- Faraway Russian hackers breached US organization via Wi-Fi (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- US shares tips to block hackers behind recent telecom breaches (source)
- Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)